Solved

Forcing Win2k to delete profiles on logout

Posted on 2002-07-11
10
1,504 Views
Last Modified: 2013-12-14
This is one which I have really researched a lot on
the internet and could find no answers for.

We have a network of win2k workstations on a domain
with 2 domain controllers which all users are
authenticated from.

The problem is that the workstations only have 2GB hard
disks which are almost full because each time another
user logs on win2k creates a profile for them on the
local hard disk - each profile is 1.3MB and we have
400 users so you can imagine how much disk space is
wasted.

We have setup the "default user" profile perfectly and
we want all users to use this one profile when they
login and not have another created on the hard disk.

Either that or we want the system to delete the local
profile each time a user logs off and then recreate it
when they log back on. (we don't want to
use roaming profiles as all users need to have the
same profile anyway).

Any help much appreciated.
0
Comment
Question by:kcs_tec
  • 6
  • 4
10 Comments
 
LVL 13

Expert Comment

by:ocon827679
ID: 7146809
Is this an NT domain or a 2000 AD domain?  If it's a 2000 domain you can use a group policy, but the user must be using a roaming profile.  The policy is listed in the User Policies in the Admin Templates area.  It's there just for this reason, to save space on the hard drive.

If you're using an NT domain you might try to add the registry entry that the above policy applies.  The key is HKLM-Software-Policies-Microsoft-Windows-System, add value DeleteRoamingCache as a dword 1.  But again, I think that you need to be running roaming profiles for this to work.
0
 
LVL 13

Expert Comment

by:ocon827679
ID: 7148923
Just thought of another way.  There is a local security policy to limit the number of profiles cached on the machine.  Open the Local Security Policies in the Administrative Tools menu of Control Panel.  Under local policies, security policies you will see a policy to limit the number of cached logons.  It defaults to 0, which I believe turns off the policy.  Set it to 1.  This will only allow one profile to be stored at a time.  The corresponding registry entry is HKLM - Software - Microsoft - WindowsNT - Current Version - Winlogon.  The value is cachedlogonscount with a Reg_sz of 1 or whatever number of profiles you want to cache.
0
 

Author Comment

by:kcs_tec
ID: 7154324
Thankyou very much ocon827679 for your input which looked
to be just the thing I was looking for but strangely
the Win2k workstation still continues to store many
local profiles despite the registry change you mentioned
above, so I guess that doesn't work  :-(

I looked on the internet and read about a small utility
called delprof.exe which looks like it will be what I
need but unfortunately microsoft, in their infinite greed,
have seen fit to remove all download links to this
utility and you can only seem to get it be buying their
resource kit CD which we don't have time to get hold of.

Could any helpful person kindly give me a link to download
this utility or email it to me and then I will gladly
close the question and give them the points.

Thanx.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 13

Expert Comment

by:ocon827679
ID: 7154389
0
 

Author Comment

by:kcs_tec
ID: 7157148
Thanks for the link ocon827679. I got the file no problem
but every time I try and run it on the win2k workstation
I just get a fatal exception and win2k closes the program.
I have tried running the program as local administrater
and as a domain admin but no difference.

Any ideas?
0
 
LVL 13

Expert Comment

by:ocon827679
ID: 7157293
No, I've never played with the program.  Maybe someone else can weigh in on it.  There may be a problem with W2K compatibility.  I'll check the W2K resource kit and see if there is a newer version.
I don't understand why the local policy to limit the number of profiles cached didn't work.  I tested it before updating this question and it worked fine.  Maybe you need to be using roaming profiles for it to work, I'm not sure other than to say I know that the local admin profile was deleted.  Did you re-boot after applying the policy??
0
 
LVL 13

Accepted Solution

by:
ocon827679 earned 200 total points
ID: 7157517
Looks like MS put the lock on this tool.  It's not in their list of free tools, so you have to either purchase technet or the server resource kit.  The version that comes with the W2K server resource kit is 5.00.2134.1.  What a friggin drag!!
0
 

Author Comment

by:kcs_tec
ID: 7159695
Yeah it looks like I need a new version of delprof for
win2k - trust MS to be consisten eh..damn pain the
arse though. I don't have time to go and buy the resource
kit. Anyone out there feel like emailing the tool to me?

Regarding the policy setting - I think that it only
deletes the cached roaming profile and doesn't apply
to stored local profiles as it made no difference on the
machine (yeah I did reboot after changing the setting).
0
 
LVL 13

Expert Comment

by:ocon827679
ID: 7159933
I think it's against EE policy for someone to do that, besides you didn't leave an e-mail addr.
0
 

Author Comment

by:kcs_tec
ID: 7165104
I've got a mate who can email me the prog. Cheers for
all the input ocon.
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
How to record audio from input sources to your PC – connected devices, connected preamp to record vinyl discs, streaming media, that play through your audio card: Vista, Windows 7, Windows 8, Windows 8.1 and Windows 10 – both 32 bit & 64.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question